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Encoding method for carrying out cryptographic operations. 



Technical field 

The invention relates to an encryption method as disclosed in the introductory 
part of Claim 1 wherein at least one cryptographic sub-operation y- x = fi(Xj,ki) is performed on 
5 data x i; kj which are digitally stored as data bit words, the relevant result or intermediate 

results yi being digitally stored or buffered as data bit words. The invention also relates to an 
encryption device as disclosed in the introductory part of Claim 8 which includes a processor 
and registers Rj, the processor performing at least one cryptographic sub-operation y A - 
fi(xi,ki) on operands x l9 ki which are digitally stored as data bit words in the registers R x of the 
10 encryption device, the relevant result or intermediate results yi being digitally stored or 
buffered as data bit words in the registers Ri of the encryption device. 
State of the art 

Cryptographic operations are carried out in many data processing apparatus so 
as to protect the operation of such apparatus or the data transported in the apparatus. The 

15 arithmetic operations required for this purpose are carried by standard processors as well as 
by dedicated crypto processors. A typical example of the latter processor is formed by a chip 
card or an IC card. As is shown in Fig. 1, for such cryptographic calculations it is often 
necessary to initialize relevant storage sections or registers of the data processing apparatus 
with operands x b k x . During the calculation intermediate results y, are possibly stored in 

20 storage sections or registers Rj or subsequently the result of the calculation is stored in 
storage sections or registers for further processing. The register Rj is situated between a 
preceding i th cryptographic calculation and a subsequent (i+l)* cryptographic operation. The 
data x 1? kj or intermediate results y y used in this context customarily constitute security- 
relevant information such as, for example, cryptographic keys or operands. 

25 In order to calculate the cryptographic algorithms the data processing 

apparatus form logic combinations of operands kj or intermediate results y\ or Xi, xi+i> 
Depending on the technology used, such operations, notably the loading of the storage 
sections or registers with data, lead to an increased current consumption of the data 
processing apparatus. In the case of complementary logic, for example CMOS, an increase of 
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the current consumption occurs when the value of a bit storage cell changes, i.e. when its 
value changes from "0" to "1" or from "1" to "0". The increase of the consumption is then 
dependent on the number of bit positions changed in the memory or register. In other words, 
the loading of a previously erased register causes an increase of the current consumption 
5 which is proportional to the Hamming weight of the operand (= number of bits having the 
value " 1 ") or to the difference in the Hamming weight. Analysis of such a current variation 
could thus enable extraction of information concerning the operations executed, thus enabling 
successful crypto analysis of secret operands such as, for example, cryptographic keys. For 
example, in the case of very small signal variations, adequate information could be extracted 

1 0 by carrying out a plurality of current measurements on the data processing apparatus. On the 
other hand, a plurality of measurements could also enable a possibly required differentiation. 
This type of crypto analysis is also called "Differential Power Analysis" whereby an outsider 
could successfully perform a possibly unauthorized crypto analysis of the cryptographic 
operations, algorithms, operands or data purely by observing changes in the current 

1 5 consumption of the data processing apparatus. 

From US 5,297,201 it is known to combine a high frequency radiating 
computer with a device which also radiates high frequency similar to that of the computer. As 
a result, unauthorized third parties can no longer decode the high-frequency radiated by the 
computer. This system, however, cannot prevent crypto analysis by a third party having 

20 direct access to the computer. 

In order to eliminate a correlation in chip cards between the output of a result 
of a cryptographic operation or a transfer of key information for a cryptographic operation 
and the cryptographic operation itself, it is known from Patent Abstracts of Japan 10069222 A 
to delay the result of the cryptographic operation or the transfer of the key information for the 

25 cryptographic operations. However, this system can also be analyzed by way of Differential 
Power Analysis, because the delayed data transfer also becomes apparent in the current 
consumption of the data processing apparatus. 
Implementation of the invention, object, solution, advantages 

30 It is an object of the present invention to provide an improved method and an 

improved device of the kind set forth which eliminate the described drawbacks and 
effectively prevent crypto analysis by observation of current consumption of a data 
processing apparatus. 
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This object is achieved by a method of the kind set forth which is 
characterized as disclosed in Claim 1 . 

To this end, according to the invention at option at least one of the data Xi, k| 
and/or the result or at least one intermediate result y\ is bit- wise complemented to 
5 y — f(x i, k i ) and/or y [ or not, depending on a control signal i\ which is based on random 
numbers. 

This offers the advantage that other bit series are processed or stored in the 
case of repeated execution of the same cryptographic operation, so that the respective 
execution of a cryptographic operation or several cryptographic operations produce different 

10 current variations in the data processing apparatus. Irrespective of the actual value of the sub- 
results, in the case of repeated execution of the overall calculation it is thus achieved that 
each data path changes the same number of times from "0" to "0", from "0" " 1 from " 1 " to 
"0" and from "1 " to "1 " in the case of a pure random number series or practically the same 
number of times in the case of a pseudo-random number series. However, because the control 

15 signal rj based on random numbers is not known or predetermined, there will be no 

correlation between the current variations and the bit values of the data and results, so that 
Differential Power Analysis no longer leads to successful crypto analysis. In other words, the 
mean current consumption of the overall operation does not contain usable information 
concerning the sub-operands or intermediate results used in the sub-operations. 

20 Advantageous further versions of the method are disclosed in the Claims 2 to 

7. 

Preferably, one or more XOR combinations (EXCLUSIVE- OR combinations) 
are formed during the cryptographic sub-operations. 

The data contain, for example cryptographic keys and/or operands. 
25 In a preferred version intermediate results y* are buffered in a register Ri 

between the execution of successive cryptographic sub-operations and are used as an operand 
Xi+i for the subsequent cryptographic sub-operations. 

In order to form an original, non-inverted value after each sub-operation, a bit 
series Xj+i = yj derived from the intermediate result yi of a preceding sub-operation i is bit- 
30 wise complemented to x i+i for a subsequent sub-operation i+1 if the data Xi, kj of the 
preceding sub-operation i were bit-wise complemented. 

In a particularly advantageous version at least one bit value, notably the even 
bit values, the odd bit values or all bit values, of a data bit word Xi, ki or yi are inverted during 
the bit- wise complementary operation. It is then particularly advantageous to perform an 
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inversion of bit values or bit addresses of a data bit word x i5 ki or yi by means of an XOR 
operation (EXCLUSIVE-OR operation) during the bit-wise complementary operation. 

A device of the kind set forth according to the invention is provided with at 
least one inverter which can be controlled by a control signal n and serves for at least one of 

5 the data x i? ki and/or the result or at least one intermediate result y 1? with a random number 
generator which generates random numbers, as well as with a device for generating the 
control signal T\ on the basis of the random numbers, the controllable inverter either, in 
dependence on the control signal n 9 converting the bit series x i? k x or y s into their bit-wise 
complement x i? k \ and y \, respectively, or leaving them unchanged. 

10 This offers the advantage that other bit sequences are processed or stored in 

the case of repeated execution of the same cryptographic operation, so that other current 
variations occur in the data processing apparatus during the respective execution of the 
cryptographic operation or cryptographic operations. Irrespective of the actual value of the 
sub-results, in the case of repeated execution of the overall calculation it is thus achieved that 

1 5 each data path changes the same number of times from "0" to "0", from "0" to "1", from " 1 " 
to "0" and from "1 n to "1" in the case of a pure random number series or practically the same 
number of times in the case of a pseudo-random number series. However, because the control 
signal rj based on random numbers is not known or predetermined, there will be no 
correlation between the current variations and the bit values of the data and results, so that 

20 Differential Power Analysis no longer leads to successful crypto analysis. In other words, the 
mean current consumption of the overall operation does not contain usable information 
concerning the sub-operands or intermediate results used in the sub-operations. 

Advantageous further embodiments of the device are described in the Claims 9 

to 14. 

25 In a preferred embodiment at least one register Ri is succeeded by an inverter 

which receives the same control signal n as the inverter for the data x*, ki which precedes the 
1 th sub-operation. The inverter succeeding a register R t of the sub-operation is preferably 
combined with an inverter for input data xj+i which precedes the subsequent (i+l) th sub- 
operation. The combined inverter preferably receives the control signal ri of the preceding i th 
30 sub-operation as well as the control signal r i+ i of the subsequent (i+l)* sub-operation. 

The data contain, for example, cryptographic keys and/or operands. 
In a preferred embodiment a register Ri stores an intermediate result y\ of the 
preceding 1 th sub-operation between a preceding I th sub-operation and a subsequent (i+l) th 
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respectively. In other words, the decision whether an inversion of the relevant input values of 
the inverters 18 to 28 is performed or whether the input values traverse the inverters 18 to 28 
in non-processed form is taken by the additional control signal n and r i+ i, respectively. This 
arrangement of registers 14, 16 between sub-operations 10, 12 is used particularly when the 
sub-operations 10, 12 are calculated successively in time by one and the same unit so that the 
sub-results must be buffered. 

The control signal is controlled by random values from a random generator in 
such a manner that, depending on the value of the random numbers, the sub-operation yields 
either the original result y = f(x,k) or the bit-inverted result y = f(x,k). It is thus achieved 
that the calculation as well as the storage of the data in the registers Ri 14, 16 takes place 
either by way of original values or bit-inverted values. In the case of repeated execution of 
the overall calculation it is thus achieved that each data path changes over the same number 
of times from "0" to "0", from "0" to "1", from "1" to "0" and from "1" to "1", irrespective of 
the actual value of the sub-results. The mean current consumption of the overall operation, 
consequently, does not contain useful information concerning the sub-operands ki or 
intermediate results y* involved in the sub-operations 10, 12. The inverter 26, 28 succeeding 
the registers 14, 16 restores the original, non-inverted value again for the next sub-operation 
12 again. 

The second preferred version of the encryption method according to the 
invention as shown in Fig. 3 corresponds to the first version shown in Fig. 2, the only 
difference being that the inverters 26, 28 succeeding the registers 14, 16 are combined with 
the respective input inverter 20 of the next stage 12 so as to form an inverter 30. 

The inverters invert, for example, only a part of the bit values of the relevant 
data bit word. For example, only the even or the odd bit words or bit addresses are inverted. 
The bit values are inverted, for example, by means of an XOR (EXCLUSIVE OR) operation. 
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CLAIMS: 



1 . An encryption method wherein at least one cryptographic sub-operation yi = 
fi(xi ? ki) is performed on data x\ 9 k{ which are digitally stored as data bit words, the relevant 
result or intermediate results yi being digitally stored or buffered as data bit words, 
characterized in that 

5 at option at least one of the data Xi, and/or the result or at least one intermediate result y L is 
bit- wise complemented to x l , k l and/or y l or not, depending on a control signal r x which is 
based on random numbers. 

2. An encryption method as claimed in Claim 1, 
1 0 characterized in that 

one or more XOR (EXCLUSIVE OR) combinations are formed during the cryptographic 
sub-operations. 

3. An encryption method as claimed in Claim 1 or 2, 
1 5 characterized in that 

the data contain cryptographic keys and/or operands. 

4. An encryption method as claimed in one of the preceding Claims, 
characterized in that 

20 intermediate results yi are buffered in a register between the execution of successive 
cryptographic sub-operations and are used as an operand x i+i for the subsequent 
cryptographic sub-operations. 

5. An encryption method as claimed in one of the preceding Claims, 
25 characterized in that 

a bit series Xi+i = y; derived from the intermediate result yt of a preceding sub-operation i is 
bit- wise complemented to x&\ for a subsequent-operation i+1 if the data x i? ki of the 
preceding sub-operation i were bit- wise complemented. 
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6. An encryption method as claimed in one of the preceding Claims, 
characterized in that 

during the bit- wise complementary operation at least one bit value, notably the even bit 
values, the odd bit values or all bit values, of a data bit word x i5 ki or y { are inverted. 

5 

7. An encryption method as claimed in one of the preceding Claims, 
characterized in that 

bit values or bit addresses of a data bit word x*, ki or yj are inverted by means of an XOR 
operation (EXCLUSIVE OR operation) during the bit- wise complementary operation. 

10 

8. An encryption device which includes a processor and registers Rj (14, 16), the 
processor performing at least one cryptographic sub-operation y { = fi(x i3 ki) (10, 12) on 
operands x is ki which are digitally stored as data bit words in the registers R* (14, 16) of the 
encryption device, the relevant result or intermediate result yi being digitally stored or 

15 buffered as data bit words in the registers Rj (14, 16) of the encryption device, 
characterized in that 

there are provided at least one inverter (1 8 to 28; 30) which can be controlled by a control 
signal ri and serves for at least one of the data x i; ki and/or the result or at least one 
intermediate result y i? a random number generator which generates random numbers, as well 
20 as a device for generating the control signal r { on the basis of the random numbers, the 

controllable inverter (1 8 to 28; 30) either, in dependence on the control signal r i? converting 
the bit series x i? ki or yi into their bit- wise complement x i, k- x and y is respectively, or leaving 
them unchanged. 

25 9. An encryption device as claimed in Claim 8, 

characterized in that 

at least one register (Ri(14, 16) is succeeded by an inverter (26, 28; 30) which receives the 
same control signal r, as the inverter (1 8, 20) for the data x i5 ki which precedes the i* sub- 
operation (10, 12). 

30 



1 0. An encryption device as claimed in Claim 9, 

characterized in that 
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the inverter (26, 28) succeeding a register Rj(14, 16) of the 1 th sub-operation (10, 12) is 
combined with an inverter (20) for input data x i+ i which precedes the subsequent (i+l)* sub- 
operation (12). 

5 11. An encryption device as claimed in Claim 1 0, 

characterized in that 

the combined inverter (30) receives the control signal n of the preceding 1 th sub-operation 
(10) as well as the control signal r i+ i of the subsequent (i+l)* 11 sub-operation (12). 

10 12. An encryption device as claimed in one of the Claims 8 to 1 1, 

characterized in that 

the data contain cryptographic keys and/or operands. 

13. An encryption device as claimed in one of the Claims 8 to 12, 
1 5 characterized in that 

between a preceding 1 th sub-operation (10) and a subsequent (i+lf 1 sub-operation (12) a 
register R* (14, 16) stores an intermediate result y { of the preceding X th sub-operation (10) and 
forwards this intermediate result as an input value x i+ i to the subsequent (i+l) th sub-operation 
(12). 

20 

14. An encryption device as claimed in one of the Claims 8 to 13, 
characterized in that 

the bit-wise complementary operation inverts at least one bit value, notably the even bit 
values, the odd bit values or all bit values, of a data bit word x i? kj or y;. 
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ABSTRACT: 



The invention relates to an encryption method as well as to an encryption 
device wherein at least one cryptographic sub-operation y- t - f^xjcj) is performed on data x i? 
ki which are digitally stored as data bit words and wherein the relevant result or relevant 
intermediate results y s are digitally stored or buffered as data bit words. At option at least one 
5 of the data x i? k* and/or the result or at least one intermediate result yi is bit- wise 

complemented to x l 9 k t and/or y t or not, depending on a control signal n which is based on 
random numbers. 
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